You wrap the DNS request in a different layer of encryption than the relay server, so the relay server only knows you tried to resolve something, and the DNS server only knows someone tried to resolve a particular domain. That's how ODoH works.
To make it harder for parties to collude, you need additional encrypted hops, the way Tor does. ODoH doesn't do that, unless you're routing ODoH through Tor of course.
You would also need some kind of proof that the DNS records returned by the resolving DNS server haven't been tampered with, or a tracking DNS server could direct you to one of their IP addresses and proxy the request transparently. Unfortunately, the best solution we have for that is DNSSEC, which is a very 90s take on DNS validation. It works fine if you don't abuse DNS in weird ways, but it's due for a redesign.
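A toy simulation of the two-layer view described above (relay sees who asks, resolver sees what is asked), added here and not part of the thread. The key agreement and cipher are stand-ins for ODoH's HPKE so it runs on the Python standard library alone; the toy prime, the `derive_key`/`seal`/`unseal` helpers and the `run_exchange` function are all assumptions of this example:

```python
"""Toy model of what each ODoH party sees. Constructed example, not the
ODoH spec (RFC 9230) or real HPKE: a tiny Diffie-Hellman group and an
HMAC-SHA256 keystream-plus-tag stand in for the real primitives."""
import hashlib
import hmac
import secrets

P = (1 << 127) - 1  # toy prime, far too small for real use
G = 3
TARGET_SK = secrets.randbelow(P - 2) + 1  # resolver's long-term private key
TARGET_PK = pow(G, TARGET_SK, P)          # published to clients out of band


def derive_key(shared: int, label: bytes) -> bytes:
    return hmac.new(shared.to_bytes(16, "big"), label, hashlib.sha256).digest()


def keystream(key: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, b"ks%d" % i, hashlib.sha256).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def seal(key: bytes, msg: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(msg, keystream(key, len(msg))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct  # tag || ciphertext


def unseal(key: bytes, box: bytes) -> bytes:
    tag, ct = box[:32], box[32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext tampered in transit")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))


def run_exchange(query: bytes, client_ip: str, relay_ip: str, answers: dict):
    # Client: fresh DH share, query sealed to the target's public key.
    eph_sk = secrets.randbelow(P - 2) + 1
    eph_pk = pow(G, eph_sk, P)
    shared = pow(TARGET_PK, eph_sk, P)
    req = seal(derive_key(shared, b"request"), query)
    # Relay: learns the client's address but only an opaque blob, no query.
    relay_view = {"source": client_ip, "bytes_seen": eph_pk.to_bytes(16, "big") + req}
    # Target: recovers the secret and the query, but sees the relay as source.
    shared_t = pow(eph_pk, TARGET_SK, P)
    plain_q = unseal(derive_key(shared_t, b"request"), req)
    target_view = {"source": relay_ip, "query": plain_q}
    # Nothing here vouches for the record itself; a lying target still wins
    # without DNSSEC. The sealed response only protects it from the relay.
    resp = seal(derive_key(shared_t, b"response"), answers.get(plain_q, b"NXDOMAIN"))
    answer = unseal(derive_key(shared, b"response"), resp)  # client opens it
    return answer, relay_view, target_view
```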
Why not? Cloudflare makes 1.1.1.1 available over Tor, although the latency is through the roof and you still need to consider the possibility of fingerprinting the client network stack.